diff options
Diffstat (limited to 'hal.h')
-rw-r--r-- | hal.h | 176 |
1 files changed, 160 insertions, 16 deletions
@@ -5,6 +5,8 @@ * * Authors: Joachim Strombergson, Paul Selkirk, Rob Austein * Copyright (c) 2015-2017, NORDUnet A/S All rights reserved. + * Copyright: 2019-2020, The Commons Conservancy Cryptech Project + * SPDX-License-Identifier: BSD-3-Clause * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are @@ -16,9 +18,9 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * - * - Neither the name of the NORDUnet nor the names of its contributors may - * be used to endorse or promote products derived from this software - * without specific prior written permission. + * - Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED @@ -55,7 +57,13 @@ * Should the versions be here even if the names should be? */ -#define NOVENA_BOARD_NAME "PVT1 " +#define ALPHA_BOARD_NAME "ALPHA " +#define ALPHA_BOARD_VERSION "0.20" + +#define FMC_INTERFACE_NAME "fmc " +#define FMC_INTERFACE_VERSION "0.20" + +#define NOVENA_BOARD_NAME "PVT1 " #define NOVENA_BOARD_VERSION "0.10" #define EIM_INTERFACE_NAME "eim " @@ -67,26 +75,29 @@ #define TRNG_NAME "trng " #define TRNG_VERSION "0.51" -#define AVALANCHE_ENTROPY_NAME "extnoise" +#define AVALANCHE_ENTROPY_NAME "extnoise" #define AVALANCHE_ENTROPY_VERSION "0.10" #define ROSC_ENTROPY_NAME "rosc ent" #define ROSC_ENTROPY_VERSION "0.10" +#define RNG_MIXER_NAME "rngmixer" +#define RNG_MIXER_VERSION "0.50" + #define CSPRNG_NAME "csprng " #define CSPRNG_VERSION "0.50" #define SHA1_NAME "sha1 " -#define SHA1_VERSION "0.50" +#define SHA1_VERSION "0.60" #define SHA256_NAME "sha2-256" -#define SHA256_VERSION "1.80" +#define SHA256_VERSION "1.82" #define SHA512_NAME "sha2-512" -#define SHA512_VERSION "0.80" +#define SHA512_VERSION "0.81" #define AES_CORE_NAME "aes " -#define AES_CORE_VERSION "0.80" +#define AES_CORE_VERSION "0.70" #define CHACHA_NAME "chacha " #define CHACHA_VERSION "0.80" @@ -98,16 +109,19 @@ #define MODEXPS6_VERSION "0.10" #define MODEXPA7_NAME "modexpa7" -#define MODEXPA7_VERSION "0.10" +#define MODEXPA7_VERSION "0.25" + +#define MODEXPNG_NAME "modexpng" +#define MODEXPNG_VERSION "0.10" #define MKMIF_NAME "mkmif " #define MKMIF_VERSION "0.10" #define ECDSA256_NAME "ecdsa256" -#define ECDSA256_VERSION "0.11" +#define ECDSA256_VERSION "0.20" #define ECDSA384_NAME "ecdsa384" -#define ECDSA384_VERSION "0.11" +#define ECDSA384_VERSION "0.20" #define KEYWRAP_NAME "key wrap" #define KEYWRAP_VERSION "0.70" @@ -413,6 +427,37 @@ extern void hal_modexp_set_debug(const int onoff); extern hal_error_t hal_modexp( const int precalc, hal_modexp_arg_t *args); extern hal_error_t hal_modexp2(const int precalc, hal_modexp_arg_t *args1, hal_modexp_arg_t *args2); +/* ModExpNG extensions */ + +typedef struct { + hal_core_t *core; + const uint8_t *msg; size_t msg_len; /* Message */ + const uint8_t *exp; size_t exp_len; /* Exponent */ + const uint8_t *mod; size_t mod_len; /* Modulus */ + uint8_t *result; size_t result_len; /* Result of exponentiation */ + uint8_t *coeff; size_t coeff_len; /* Modulus coefficient (r/w) */ + uint8_t *mont; size_t mont_len; /* Montgomery factor (r/w)*/ + + uint8_t *p; size_t p_len; + uint8_t *pC; size_t pC_len; + uint8_t *pF; size_t pF_len; + + uint8_t *q; size_t q_len; + uint8_t *qC; size_t qC_len; + uint8_t *qF; size_t qF_len; + + uint8_t *dP; size_t dP_len; + uint8_t *dQ; size_t dQ_len; + uint8_t *qInv; size_t qInv_len; + + uint8_t *bf; size_t bf_len; + uint8_t *ubf; size_t ubf_len; +} hal_modexpng_arg_t; + +extern hal_error_t hal_modexp_use_modexpng(const int onoff); +extern int hal_modexp_using_modexpng(void); +extern hal_error_t hal_modexpng(hal_modexpng_arg_t *a); + /* * Master Key Memory Interface */ @@ -461,6 +506,10 @@ extern void hal_rsa_set_debug(const int onoff); extern void hal_rsa_set_blinding(const int onoff); +extern void hal_rsa_clear_blinding_cache(void); + +extern void hal_rsa_set_crt(const int onoff); + extern hal_error_t hal_rsa_key_load_private(hal_rsa_key_t **key, void *keybuf, const size_t keybuf_len, const uint8_t * const n, const size_t n_len, @@ -820,16 +869,16 @@ extern hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client, const hal_curve_name_t curve, const hal_key_flags_t flags); -typedef enum lmots_algorithm_type lmots_algorithm_t; -typedef enum lms_algorithm_type lms_algorithm_t; +typedef enum hal_lmots_algorithm_type hal_lmots_algorithm_t; +typedef enum hal_lms_algorithm_type hal_lms_algorithm_t; extern hal_error_t hal_rpc_pkey_generate_hashsig(const hal_client_handle_t client, const hal_session_handle_t session, hal_pkey_handle_t *pkey, hal_uuid_t *name, const size_t hss_levels, - const lms_algorithm_t lms_type, - const lmots_algorithm_t lmots_type, + const hal_lms_algorithm_t lms_type, + const hal_lmots_algorithm_t lmots_type, const hal_key_flags_t flags); extern hal_error_t hal_rpc_pkey_close(const hal_pkey_handle_t pkey); @@ -909,6 +958,101 @@ extern hal_error_t hal_rpc_server_close(void); extern hal_error_t hal_rpc_server_dispatch(const uint8_t * const ibuf, const size_t ilen, uint8_t * const obuf, size_t * const olen); +/* + * Hash-Based Signatures. + * + * This really ought to be up with RSA and ECDSA, but it has forward + * references to hal_key_flags_t and hal_uuid_t. + */ + +enum hal_lmots_algorithm_type { + HAL_LMOTS_RESERVED = 0, + HAL_LMOTS_SHA256_N32_W1 = 1, + HAL_LMOTS_SHA256_N32_W2 = 2, + HAL_LMOTS_SHA256_N32_W4 = 3, + HAL_LMOTS_SHA256_N32_W8 = 4 +}; + +enum hal_lms_algorithm_type { + HAL_LMS_RESERVED = 0, + HAL_LMS_SHA256_N32_H5 = 5, + HAL_LMS_SHA256_N32_H10 = 6, + HAL_LMS_SHA256_N32_H15 = 7, + HAL_LMS_SHA256_N32_H20 = 8, + HAL_LMS_SHA256_N32_H25 = 9 +}; + +typedef struct hal_hashsig_key hal_hashsig_key_t; + +extern const size_t hal_hashsig_key_t_size; + +extern hal_error_t hal_hashsig_key_gen(hal_core_t *core, + hal_hashsig_key_t **key_, + void *keybuf, const size_t keybuf_len, + const size_t hss_levels, + const hal_lms_algorithm_t lms_type, + const hal_lmots_algorithm_t lmots_type, + const hal_key_flags_t flags); + +extern hal_error_t hal_hashsig_delete(const hal_uuid_t * const name); + +extern hal_error_t hal_hashsig_private_key_to_der(const hal_hashsig_key_t * const key, + uint8_t *der, size_t *der_len, const size_t der_max); + +extern size_t hal_hashsig_private_key_to_der_len(const hal_hashsig_key_t * const key); + +extern hal_error_t hal_hashsig_private_key_from_der(hal_hashsig_key_t **key_, + void *keybuf, const size_t keybuf_len, + const uint8_t *der, const size_t der_len); + +extern hal_error_t hal_hashsig_public_key_to_der(const hal_hashsig_key_t * const key, + uint8_t *der, size_t *der_len, const size_t der_max); + +extern size_t hal_hashsig_public_key_to_der_len(const hal_hashsig_key_t * const key); + +extern hal_error_t hal_hashsig_public_key_from_der(hal_hashsig_key_t **key, + void *keybuf, const size_t keybuf_len, + const uint8_t * const der, const size_t der_len); + +extern hal_error_t hal_hashsig_sign(hal_core_t *core, + const hal_hashsig_key_t * const key, + const uint8_t * const hash, const size_t hash_len, + uint8_t *sig, size_t *sig_len, const size_t sig_max); + +extern hal_error_t hal_hashsig_verify(hal_core_t *core, + const hal_hashsig_key_t * const key, + const uint8_t * const hash, const size_t hash_len, + const uint8_t * const sig, const size_t sig_len); + +extern hal_error_t hal_hashsig_key_load_public(hal_hashsig_key_t **key_, + void *keybuf, const size_t keybuf_len, + const size_t L, + const hal_lms_algorithm_t lms_type, + const hal_lmots_algorithm_t lmots_type, + const uint8_t * const I, const size_t I_len, + const uint8_t * const T1, const size_t T1_len); + +extern hal_error_t hal_hashsig_key_load_public_xdr(hal_hashsig_key_t **key_, + void *keybuf, const size_t keybuf_len, + const uint8_t * const xdr, const size_t xdr_len); + +extern size_t hal_hashsig_signature_len(const size_t L, + const hal_lms_algorithm_t lms_type, + const hal_lmots_algorithm_t lmots_type); + +extern size_t hal_hashsig_lmots_private_key_len(const hal_lmots_algorithm_t lmots_type); + +extern hal_error_t hal_hashsig_public_key_der_to_xdr(const uint8_t * const der, const size_t der_len, + uint8_t * const xdr, size_t * const xdr_len , const size_t xdr_max); + +extern hal_error_t hal_hashsig_ks_init(void); + +extern hal_error_t hal_hashsig_export(const hal_uuid_t * const name, + uint8_t *der, size_t *der_len, const size_t der_max); + +extern hal_error_t hal_hashsig_import(const uint8_t *der, const size_t der_len, + const hal_key_flags_t flags); + #endif /* _HAL_H_ */ /* |